Emmanuel Kwasi Gadasu
Emmanuel Kwasi Gadasu
CEH || CDPS || CIPM || CIPP-E || MSc IT and Law || Data Privacy Consultant || Information Security Trainer || Programmer || IT Trainer ||
October 12, 2024
The exemptions provided in Sections 60-74 of the Data Protection Act, 2012, while intended to serve important public interests, pose significant challenges to the rights of data subjects in Ghana. These exemptions, significantly impact the rights of data subjects.
Here’s an analysis of how these exemptions may affect individuals’ rights regarding their personal data.
- Limitation of Access Rights
The exemptions allow data controllers to deny data subjects access to their personal data under certain circumstances, particularly in cases involving national security, crime prevention, or regulatory activities (Sections 60-63). This can hinder individuals’ ability to understand how their data is being used and whether it is being processed lawfully.
- Reduced Transparency
Exemptions related to journalism, literature, and art (Section 64) can lead to a lack of transparency regarding how personal data is handled in these contexts. Data subjects may not be informed about the processing of their data for these purposes, undermining their right to be informed.
- Compromised Right to Erasure
The right to erasure (or the “right to be forgotten”) is limited by exemptions that prioritize public interest or regulatory needs over individual privacy (Sections 60-74). This means that even if a data subject wishes to have their data deleted, it may not be possible if the processing is deemed necessary for public safety or other exempted activities.
- Impact on Accountability
Exemptions can weaken the accountability of data controllers. For instance, if a data controller is exempt from certain accountability principles when processing personal data for regulatory or national security purposes, it may lead to less stringent oversight and potential misuse of personal data without adequate recourse for individuals.
- Balancing Interests
While the exemptions are designed to balance individual rights with broader societal interests—such as national security and public health—they can also create a scenario where individual rights are sidelined. This balance may disproportionately favor the interests of organizations or government entities at the expense of personal privacy.
- Potential for Abuse
The broad nature of some exemptions could lead to potential abuse by data controllers who might invoke these provisions to avoid compliance with data protection obligations. This creates a risk that legitimate requests from data subjects could be unjustly denied under the guise of exemption.
- Limited Scope for Legal Recourse
The exemptions delineate specific scenarios where rights may not apply, potentially limiting legal recourse for individuals seeking justice for violations of their rights. If a data subject feels their rights have been infringed upon but falls under an exemption, they may find it challenging to pursue legal action.
Conclusion
It is essential for legal practitioners and policymakers to carefully consider these impacts and strive for a balance that protects individual privacy without compromising public safety and other legitimate interests. Continuous monitoring and potential reform may be necessary to ensure that the rights of individuals are not unduly compromised by these exemptions.
Author: Emmanuel K. Gadasu
(CEH, CDPS, CIPM, CIPP/E, BSc IT, MSc IT and Law, LLB*)
The writer is a Data Protection and Cybersecurity Consultant, Practitioner and Trainer!
You can reach him for further comments by Call/WhatsApp/Telegram +233 24391 3077 or via email: ekgadasu@gmail.com.
LinkedIn: https://www.linkedin.com/in/ekgadasu/
Facebook: https://web.facebook.com/emmanuel.gadasu/
